Morgan Princing, "Identifying Security Risks Using Internet-Wide Scan Data"
CERIAS Weekly Security Seminar - Purdue University
English - January 22, 2020 21:30 - 1 MB Video - ★★★★ - 6 ratingsTechnology Education Courses infosec security video seminar cerias purdue information sfs research education Homepage Download Apple Podcasts Google Podcasts Overcast Castro Pocket Casts RSS feed
In this talk, we’ll explore how internet scan data layered
with different open-source tools can start to make sense of what is
publicly exposed and potentially a threat. Predominantly, we’ll
focus on three investigations:
1. how to find attacker infrastructure, using IOCs from
MITRE and Web Application Logs
2. how to identify trends in common misconfigurations and
vulnerabilities
3. how to find assets related to your
organization
Throughout the talk, we’ll identify and use risk
indicators to find relevant exposed devices. We’ll also touch on
historical trends that relate to different types of attacks,
security risks that have surfaced in the past year, and what some
of the challenges are in identifying rouge assets in the haystack
of internet data.